Certbus > Salesforce > Salesforce Certifications > IDENTITY-AND-ACCESS-MANAGEMENT-ARCHITECT > IDENTITY-AND-ACCESS-MANAGEMENT-ARCHITECT Online Practice Questions and Answers

IDENTITY-AND-ACCESS-MANAGEMENT-ARCHITECT Online Practice Questions and Answers

Questions 4

An administrator created a connected app for a custom wet) application in Salesforce which needs to be visible as a tile in App Launcher The tile for the custom web application is missing in the app launcher for all users in Salesforce. The

administrator requested assistance from an identity architect to resolve the issue.

Which two reasons are the source of the issue?

Choose 2 answers

A. StartURL for the connected app is not set in Connected App settings.

B. OAuth scope does not include "openid*.

C. Session Policy is set as 'High Assurance Session required' for this connected app.

D. The connected app is not set in the App menu as 'Visible in App Launcher".

Browse 247 Q&As
Questions 5

A global company is using the Salesforce Platform as an Identity Provider and needs to integrate a third-party application with its Experience Cloud customer portal.

Which two features should be utilized to provide users with login and identity services for the third-party application?

Choose 2 answers

A. Use the App Launcher with single sign-on (SSO).

B. External a Data source with Named Principal identity type.

C. Use a connected app.

D. Use Delegated Authentication.

Browse 247 Q&As
Questions 6

Universal Containers (UC) uses Salesforce for its customer service agents. UC has a proprietary system for order tracking which supports Security Assertion Markup Language (SAML) based single sign-on. The VP of customer service wants

to ensure only active Salesforce users should be able to access the order tracking system which is only visible within Salesforce.

What should be done to fulfill the requirement?

Choose 2 answers

A. Setup Salesforce as an identity provider (IdP) for order Tracking.

B. Set up the Corporate Identity store as an identity provider (IdP) for Order Tracking,

C. Customize Order Tracking to initiate a REST call to validate users in Salesforce after login.

D. Setup Order Tracking as a Canvas app in Salesforce to POST IdP initiated SAML assertion.

Browse 247 Q&As
Questions 7

Universal containers (UC) would like to enable SSO between their existing Active Directory infrastructure and salesforce. The it team prefers to manage all users in Active Directory and would like to avoid doing any initial setup of users in salesforce directly, including the correct assignment of profiles, roles and groups. Which two optimal solutions should UC use to provision users in salesforce? Choose 2 answers

A. Use the salesforce REST API to sync users from active directory to salesforce

B. Use an app exchange product to sync users from Active Directory to salesforce.

C. Use Active Directory Federation Services to sync users from active directory to salesforce.

D. Use Identity connect to sync users from Active Directory to salesforce

Browse 247 Q&As
Questions 8

Universal Containers (UC) has a Customer Community that uses Facebook for of authentication. UC would like to ensure that changes in the Facebook profile are 65. reflected on the appropriate Customer Community user. How can this requirement be met?

A. Use SAML Just-In-Time Provisioning between Facebook and Salesforce.

B. Use information in the Signed Request that is received from Facebook.

C. Develop a scheduled job that calls out to Facebook on a nightly basis.

D. Use the updateUser() method on the Registration Handler class.

Browse 247 Q&As
Questions 9

An identity architect is setting up an integration between Salesforce and a third-party system. The third-party system needs to authenticate to Salesforce and then make API calls against the REST API.

One of the requirements is that the solution needs to ensure the third party service providers connected app in Salesforce mini need for end user interaction and maximizes security.

Which OAuth flow should be used to fulfill the requirement?

A. JWT Bearer Flow

B. Web Server Flow

C. User Agent Flow

D. Username-Password Flow

Browse 247 Q&As
Questions 10

Universal containers (UC) has an e-commerce website while customers can buy products, make payments, and manage their accounts. UC decides to build a customer Community on Salesforce and wants to allow the customers to access the community for their accounts without logging in again. UC decides to implement ansp-Initiated SSO using a SAML- BASED complaint IDP. In this scenario where salesforce is the service provider, which two activities must be performed in salesforce to make sp-Initiated SSO work? Choose 2 answers

A. Configure SAML SSO settings.

B. Configure Delegated Authentication

C. Create a connected App

D. Set up my domain

Browse 247 Q&As
Questions 11

Northern Trail Outfitters (NTO) is planning to roll out a partner portal for its distributors using Experience Cloud. NTO would like to use an external identity provider (idP) and for partners to register for access to the portal. Each partner should be allowed to register only once to avoid duplicate accounts with Salesforce.

What should a identity architect recommend to create partners?

A. On successful creation of Partners using Self Registration page in Experience Cloud, create identity in Ping.

B. Create a custom page m Experience Cloud to self register partner with Experience Cloud and Ping identity store.

C. Create a custom web page in the Portal and create users in the IdP and Experience Cloud using published APIs.

D. Allow partners to register through the IdP and create partner users in Salesforce through an API.

Browse 247 Q&As
Exam Name: Salesforce Certified Identity and Access Management Architect
Last Update: Mar 18, 2025
Questions: 247 Q&As

PDF

$49.99

VCE

$55.99

PDF + VCE

$65.99